Vulnerability related Doubts in Nginx
Valentin V. Bartenev
vbart at nginx.com
Tue Mar 22 12:13:22 UTC 2016
On Tuesday 22 March 2016 17:35:19 Zeal Vora wrote:
> We are running Nginx version 1.8 ( nginx-1.8.1-1.amzn1.ngx.x86_64 ) in our
> servers. So in the Vulnerability Assessment, Nessus gave report that it is
> *Current version :-* nginx-1.8.1-1.amzn1.ngx.x86_64
> *Fix Version ( According to Nessus ) :-* nginx-1.8.1-1.26.amzn1
> I don't seem to find the " Fix Version " of Nginx which Nessus suggested.
> Is there any work around for this ?
> Is 1.8 the latest stable version which is available or we can move forward
> with higher one ?
> Any help will be appreciated!
The CVE-2016-0742 that is referenced in the report is fixed in nginx 1.8.1.
See here for the official information:
wbr, Valentin V. Bartenev
More information about the nginx